CVE-2025-14614
📋 TL;DR
This CVE describes an insecure temporary file vulnerability in Altera Quartus Prime installers on Windows. Attackers can exploit predictable temporary file names to potentially overwrite or manipulate files during installation. This affects users running Quartus Prime Standard or Lite versions 23.1 through 24.1 on Windows systems.
💻 Affected Systems
- Altera Quartus Prime Standard Installer (SFX)
- Altera Quartus Prime Lite Installer (SFX)
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
An attacker could overwrite critical system files during installation, potentially leading to privilege escalation, system compromise, or installation of malicious code.
Likely Case
Local attackers could manipulate installation files to cause installation failures, corrupt software, or potentially execute arbitrary code in the context of the installer.
If Mitigated
With proper file permissions and installation in isolated environments, impact is limited to installation disruption without system compromise.
🎯 Exploit Status
Requires local access and timing during installation. Exploitation depends on attacker ability to predict/create temporary file names.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after 24.1
Vendor Advisory: https://www.altera.com/security/security-advisory/asa-0005
Restart Required: No
Instructions:
1. Download latest Quartus Prime version from Intel/Altera website. 2. Uninstall affected versions. 3. Install updated version. 4. Verify installation completes without errors.
🔧 Temporary Workarounds
Secure Installation Environment
windowsInstall software in isolated environments with restricted user permissions
Manual Installation Monitoring
windowsMonitor temporary directories during installation and verify file integrity
🧯 If You Can't Patch
- Install software only on isolated systems without untrusted local users
- Use virtualization/sandboxing for installation processes
🔍 How to Verify
Check if Vulnerable:
Check Quartus Prime version: Open Quartus Prime, go to Help > About. If version is between 23.1 and 24.1 inclusive, system is vulnerable.Check Version:
quartus --version (from command line) or check Help > About in GUIVerify Fix Applied:
Install version after 24.1 and verify installation completes without file manipulation warnings.📡 Detection & Monitoring
Log Indicators:
- Unexpected file creation in temp directories during installation
- Installation failures with file access errors
Network Indicators:
- No network indicators - local vulnerability only
SIEM Query:
EventID 4663 (File creation) in Windows Security logs during Quartus installation with suspicious temp file patterns